<!DOCTYPE HTML>

<html lang="en">
<head>

<title>AbstractSecurityInterceptor (spring-security-docs 5.6.3 API)</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style">
<link rel="stylesheet" type="text/css" href="../../../../../jquery/jquery-ui.css" title="Style">
<script type="text/javascript" src="../../../../../script.js"></script>
<script type="text/javascript" src="../../../../../jquery/jszip/dist/jszip.min.js"></script>
<script type="text/javascript" src="../../../../../jquery/jszip-utils/dist/jszip-utils.min.js"></script>
<!--[if IE]>
<script type="text/javascript" src="../../../../../jquery/jszip-utils/dist/jszip-utils-ie.min.js"></script>
<![endif]-->
<script type="text/javascript" src="../../../../../jquery/jquery-3.5.1.js"></script>
<script type="text/javascript" src="../../../../../jquery/jquery-ui.js"></script>
</head>
<body>
<script type="text/javascript"><!--
    try {
        if (location.href.indexOf('is-external=true') == -1) {
            parent.document.title="AbstractSecurityInterceptor (spring-security-docs 5.6.3 API)";
        }
    }
    catch(err) {
    }
//-->
var data = {"i0":10,"i1":10,"i2":10,"i3":10,"i4":10,"i5":10,"i6":10,"i7":10,"i8":6,"i9":10,"i10":10,"i11":10,"i12":6,"i13":10,"i14":10,"i15":10,"i16":10,"i17":10,"i18":10,"i19":10,"i20":10,"i21":10,"i22":10};
var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],4:["t3","Abstract Methods"],8:["t4","Concrete Methods"]};
var altColor = "altColor";
var rowColor = "rowColor";
var tableTab = "tableTab";
var activeTableTab = "activeTableTab";
var pathtoroot = "../../../../../";
var useModuleDirectories = true;
loadScripts(document, 'script');</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<header role="banner">
<nav role="navigation">
<div class="fixedNav">

<div class="topNav"><a id="navbar.top">

</a>
<div class="skipNav"><a href="AbstractSecurityInterceptor.html#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.top.firstrow">

</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<ul class="navListSearch">
<li><label for="search">SEARCH:</label>
<input type="text" id="search" value="search" disabled="disabled">
<input type="reset" id="reset" value="reset" disabled="disabled">
</li>
</ul>
<div>
<script type="text/javascript"><!--
  allClassesLink = document.getElementById("allclasses_navbar_top");
  if(window==top) {
    allClassesLink.style.display = "block";
  }
  else {
    allClassesLink.style.display = "none";
  }
  //-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li><a href="AbstractSecurityInterceptor.html#field.summary">Field</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractSecurityInterceptor.html#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractSecurityInterceptor.html#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li><a href="AbstractSecurityInterceptor.html#field.detail">Field</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractSecurityInterceptor.html#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractSecurityInterceptor.html#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.top">

</a></div>

</div>
<div class="navPadding">&nbsp;</div>
<script type="text/javascript"><!--
$('.navPadding').css('padding-top', $('.fixedNav').css("height"));
//-->
</script>
</nav>
</header>

<main role="main">
<div class="header">
<div class="subTitle"><span class="packageLabelInType">Package</span>&nbsp;<a href="package-summary.html">org.springframework.security.access.intercept</a></div>
<h2 title="Class AbstractSecurityInterceptor" class="title">Class AbstractSecurityInterceptor</h2>
</div>
<div class="contentContainer">
<ul class="inheritance">
<li>java.lang.Object</li>
<li>
<ul class="inheritance">
<li>org.springframework.security.access.intercept.AbstractSecurityInterceptor</li>
</ul>
</li>
</ul>
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Implemented Interfaces:</dt>
<dd><code>org.springframework.beans.factory.Aware</code>, <code>org.springframework.beans.factory.InitializingBean</code>, <code>org.springframework.context.ApplicationEventPublisherAware</code>, <code>org.springframework.context.MessageSourceAware</code></dd>
</dl>
<dl>
<dt>Direct Known Subclasses:</dt>
<dd><code><a href="../../messaging/access/intercept/ChannelSecurityInterceptor.html" title="class in org.springframework.security.messaging.access.intercept">ChannelSecurityInterceptor</a></code>, <code><a href="../../web/access/intercept/FilterSecurityInterceptor.html" title="class in org.springframework.security.web.access.intercept">FilterSecurityInterceptor</a></code>, <code><a href="aopalliance/MethodSecurityInterceptor.html" title="class in org.springframework.security.access.intercept.aopalliance">MethodSecurityInterceptor</a></code></dd>
</dl>
<hr>
<pre>public abstract class <span class="typeNameLabel">AbstractSecurityInterceptor</span>
extends java.lang.Object
implements org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware, org.springframework.context.MessageSourceAware</pre>
<div class="block">Abstract class that implements security interception for secure objects.
<p>
The <code>AbstractSecurityInterceptor</code> will ensure the proper startup
configuration of the security interceptor. It will also implement the proper handling
of secure object invocations, namely:
<ol>
<li>Obtain the <a href="../../core/Authentication.html" title="interface in org.springframework.security.core"><code>Authentication</code></a> object from the
<a href="../../core/context/SecurityContextHolder.html" title="class in org.springframework.security.core.context"><code>SecurityContextHolder</code></a>.</li>
<li>Determine if the request relates to a secured or public invocation by looking up
the secure object request against the <a href="../SecurityMetadataSource.html" title="interface in org.springframework.security.access"><code>SecurityMetadataSource</code></a>.</li>
<li>For an invocation that is secured (there is a list of <code>ConfigAttribute</code>s
for the secure object invocation):
<ol type="a">
<li>If either the
<a href="../../core/Authentication.html#isAuthenticated()"><code>Authentication.isAuthenticated()</code></a> returns
<code>false</code>, or the <a href="AbstractSecurityInterceptor.html#alwaysReauthenticate"><code>alwaysReauthenticate</code></a> is <code>true</code>,
authenticate the request against the configured <a href="../../authentication/AuthenticationManager.html" title="interface in org.springframework.security.authentication"><code>AuthenticationManager</code></a>. When
authenticated, replace the <code>Authentication</code> object on the
<code>SecurityContextHolder</code> with the returned value.</li>
<li>Authorize the request against the configured <a href="../AccessDecisionManager.html" title="interface in org.springframework.security.access"><code>AccessDecisionManager</code></a>.</li>
<li>Perform any run-as replacement via the configured <a href="RunAsManager.html" title="interface in org.springframework.security.access.intercept"><code>RunAsManager</code></a>.</li>
<li>Pass control back to the concrete subclass, which will actually proceed with
executing the object. A <a href="InterceptorStatusToken.html" title="class in org.springframework.security.access.intercept"><code>InterceptorStatusToken</code></a> is returned so that after the
subclass has finished proceeding with execution of the object, its finally clause can
ensure the <code>AbstractSecurityInterceptor</code> is re-called and tidies up
correctly using <a href="AbstractSecurityInterceptor.html#finallyInvocation(org.springframework.security.access.intercept.InterceptorStatusToken)"><code>finallyInvocation(InterceptorStatusToken)</code></a>.</li>
<li>The concrete subclass will re-call the <code>AbstractSecurityInterceptor</code> via
the <a href="AbstractSecurityInterceptor.html#afterInvocation(org.springframework.security.access.intercept.InterceptorStatusToken,java.lang.Object)"><code>afterInvocation(InterceptorStatusToken, Object)</code></a> method.</li>
<li>If the <code>RunAsManager</code> replaced the <code>Authentication</code> object,
return the <code>SecurityContextHolder</code> to the object that existed after the call
to <code>AuthenticationManager</code>.</li>
<li>If an <code>AfterInvocationManager</code> is defined, invoke the invocation manager
and allow it to replace the object due to be returned to the caller.</li>
</ol>
</li>
<li>For an invocation that is public (there are no <code>ConfigAttribute</code>s for
the secure object invocation):
<ol type="a">
<li>As described above, the concrete subclass will be returned an
<code>InterceptorStatusToken</code> which is subsequently re-presented to the
<code>AbstractSecurityInterceptor</code> after the secure object has been executed. The
<code>AbstractSecurityInterceptor</code> will take no further action when its
<a href="AbstractSecurityInterceptor.html#afterInvocation(org.springframework.security.access.intercept.InterceptorStatusToken,java.lang.Object)"><code>afterInvocation(InterceptorStatusToken, Object)</code></a> is called.</li>
</ol>
</li>
<li>Control again returns to the concrete subclass, along with the <code>Object</code>
that should be returned to the caller. The subclass will then return that result or
exception to the original caller.</li>
</ol></div>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="field.summary">

</a>
<h3>Field Summary</h3>
<table class="memberSummary">
<caption><span>Fields</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Field</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code>protected org.apache.commons.logging.Log</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#logger">logger</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>protected org.springframework.context.support.MessageSourceAccessor</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#messages">messages</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
</table>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.summary">

</a>
<h3>Constructor Summary</h3>
<table class="memberSummary">
<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Constructor</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr class="altColor">
<th class="colConstructorName" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#%3Cinit%3E()">AbstractSecurityInterceptor</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
</table>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.summary">

</a>
<h3>Method Summary</h3>
<table class="memberSummary">
<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t3" class="tableTab"><span><a href="javascript:show(4);">Abstract Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">Concrete Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Method</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr id="i0" class="altColor">
<td class="colFirst"><code>protected java.lang.Object</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#afterInvocation(org.springframework.security.access.intercept.InterceptorStatusToken,java.lang.Object)">afterInvocation</a></span>&#8203;(<a href="InterceptorStatusToken.html" title="class in org.springframework.security.access.intercept">InterceptorStatusToken</a>&nbsp;token,
java.lang.Object&nbsp;returnedObject)</code></th>
<td class="colLast">
<div class="block">Completes the work of the <tt>AbstractSecurityInterceptor</tt> after the secure
object invocation has been completed.</div>
</td>
</tr>
<tr id="i1" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#afterPropertiesSet()">afterPropertiesSet</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i2" class="altColor">
<td class="colFirst"><code>protected <a href="InterceptorStatusToken.html" title="class in org.springframework.security.access.intercept">InterceptorStatusToken</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#beforeInvocation(java.lang.Object)">beforeInvocation</a></span>&#8203;(java.lang.Object&nbsp;object)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i3" class="rowColor">
<td class="colFirst"><code>protected void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#finallyInvocation(org.springframework.security.access.intercept.InterceptorStatusToken)">finallyInvocation</a></span>&#8203;(<a href="InterceptorStatusToken.html" title="class in org.springframework.security.access.intercept">InterceptorStatusToken</a>&nbsp;token)</code></th>
<td class="colLast">
<div class="block">Cleans up the work of the <tt>AbstractSecurityInterceptor</tt> after the secure
object invocation has been completed.</div>
</td>
</tr>
<tr id="i4" class="altColor">
<td class="colFirst"><code><a href="../AccessDecisionManager.html" title="interface in org.springframework.security.access">AccessDecisionManager</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#getAccessDecisionManager()">getAccessDecisionManager</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i5" class="rowColor">
<td class="colFirst"><code><a href="AfterInvocationManager.html" title="interface in org.springframework.security.access.intercept">AfterInvocationManager</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#getAfterInvocationManager()">getAfterInvocationManager</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i6" class="altColor">
<td class="colFirst"><code><a href="../../authentication/AuthenticationManager.html" title="interface in org.springframework.security.authentication">AuthenticationManager</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#getAuthenticationManager()">getAuthenticationManager</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i7" class="rowColor">
<td class="colFirst"><code><a href="RunAsManager.html" title="interface in org.springframework.security.access.intercept">RunAsManager</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#getRunAsManager()">getRunAsManager</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i8" class="altColor">
<td class="colFirst"><code>abstract java.lang.Class&lt;?&gt;</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#getSecureObjectClass()">getSecureObjectClass</a></span>()</code></th>
<td class="colLast">
<div class="block">Indicates the type of secure objects the subclass will be presenting to the
abstract parent for processing.</div>
</td>
</tr>
<tr id="i9" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#isAlwaysReauthenticate()">isAlwaysReauthenticate</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i10" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#isRejectPublicInvocations()">isRejectPublicInvocations</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i11" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#isValidateConfigAttributes()">isValidateConfigAttributes</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i12" class="altColor">
<td class="colFirst"><code>abstract <a href="../SecurityMetadataSource.html" title="interface in org.springframework.security.access">SecurityMetadataSource</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#obtainSecurityMetadataSource()">obtainSecurityMetadataSource</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i13" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#setAccessDecisionManager(org.springframework.security.access.AccessDecisionManager)">setAccessDecisionManager</a></span>&#8203;(<a href="../AccessDecisionManager.html" title="interface in org.springframework.security.access">AccessDecisionManager</a>&nbsp;accessDecisionManager)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i14" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#setAfterInvocationManager(org.springframework.security.access.intercept.AfterInvocationManager)">setAfterInvocationManager</a></span>&#8203;(<a href="AfterInvocationManager.html" title="interface in org.springframework.security.access.intercept">AfterInvocationManager</a>&nbsp;afterInvocationManager)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i15" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#setAlwaysReauthenticate(boolean)">setAlwaysReauthenticate</a></span>&#8203;(boolean&nbsp;alwaysReauthenticate)</code></th>
<td class="colLast">
<div class="block">Indicates whether the <code>AbstractSecurityInterceptor</code> should ignore the
<a href="../../core/Authentication.html#isAuthenticated()"><code>Authentication.isAuthenticated()</code></a> property.</div>
</td>
</tr>
<tr id="i16" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher)">setApplicationEventPublisher</a></span>&#8203;(org.springframework.context.ApplicationEventPublisher&nbsp;applicationEventPublisher)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i17" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#setAuthenticationManager(org.springframework.security.authentication.AuthenticationManager)">setAuthenticationManager</a></span>&#8203;(<a href="../../authentication/AuthenticationManager.html" title="interface in org.springframework.security.authentication">AuthenticationManager</a>&nbsp;newManager)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i18" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#setMessageSource(org.springframework.context.MessageSource)">setMessageSource</a></span>&#8203;(org.springframework.context.MessageSource&nbsp;messageSource)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i19" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#setPublishAuthorizationSuccess(boolean)">setPublishAuthorizationSuccess</a></span>&#8203;(boolean&nbsp;publishAuthorizationSuccess)</code></th>
<td class="colLast">
<div class="block">Only <code>AuthorizationFailureEvent</code> will be published.</div>
</td>
</tr>
<tr id="i20" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#setRejectPublicInvocations(boolean)">setRejectPublicInvocations</a></span>&#8203;(boolean&nbsp;rejectPublicInvocations)</code></th>
<td class="colLast">
<div class="block">By rejecting public invocations (and setting this property to <tt>true</tt>),
essentially you are ensuring that every secure object invocation advised by
<code>AbstractSecurityInterceptor</code> has a configuration attribute defined.</div>
</td>
</tr>
<tr id="i21" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#setRunAsManager(org.springframework.security.access.intercept.RunAsManager)">setRunAsManager</a></span>&#8203;(<a href="RunAsManager.html" title="interface in org.springframework.security.access.intercept">RunAsManager</a>&nbsp;runAsManager)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i22" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractSecurityInterceptor.html#setValidateConfigAttributes(boolean)">setValidateConfigAttributes</a></span>&#8203;(boolean&nbsp;validateConfigAttributes)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.java.lang.Object">

</a>
<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
<code>clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="field.detail">

</a>
<h3>Field Detail</h3>
<a id="logger">

</a>
<ul class="blockList">
<li class="blockList">
<h4>logger</h4>
<pre>protected final&nbsp;org.apache.commons.logging.Log logger</pre>
</li>
</ul>
<a id="messages">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>messages</h4>
<pre>protected&nbsp;org.springframework.context.support.MessageSourceAccessor messages</pre>
</li>
</ul>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.detail">

</a>
<h3>Constructor Detail</h3>
<a id="&lt;init&gt;()">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>AbstractSecurityInterceptor</h4>
<pre>public&nbsp;AbstractSecurityInterceptor()</pre>
</li>
</ul>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.detail">

</a>
<h3>Method Detail</h3>
<a id="afterPropertiesSet()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>afterPropertiesSet</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;afterPropertiesSet()</pre>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code>afterPropertiesSet</code>&nbsp;in interface&nbsp;<code>org.springframework.beans.factory.InitializingBean</code></dd>
</dl>
</li>
</ul>
<a id="beforeInvocation(java.lang.Object)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>beforeInvocation</h4>
<pre class="methodSignature">protected&nbsp;<a href="InterceptorStatusToken.html" title="class in org.springframework.security.access.intercept">InterceptorStatusToken</a>&nbsp;beforeInvocation&#8203;(java.lang.Object&nbsp;object)</pre>
</li>
</ul>
<a id="finallyInvocation(org.springframework.security.access.intercept.InterceptorStatusToken)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>finallyInvocation</h4>
<pre class="methodSignature">protected&nbsp;void&nbsp;finallyInvocation&#8203;(<a href="InterceptorStatusToken.html" title="class in org.springframework.security.access.intercept">InterceptorStatusToken</a>&nbsp;token)</pre>
<div class="block">Cleans up the work of the <tt>AbstractSecurityInterceptor</tt> after the secure
object invocation has been completed. This method should be invoked after the
secure object invocation and before afterInvocation regardless of the secure object
invocation returning successfully (i.e. it should be done in a finally block).</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>token</code> - as returned by the <a href="AbstractSecurityInterceptor.html#beforeInvocation(java.lang.Object)"><code>beforeInvocation(Object)</code></a> method</dd>
</dl>
</li>
</ul>
<a id="afterInvocation(org.springframework.security.access.intercept.InterceptorStatusToken,java.lang.Object)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>afterInvocation</h4>
<pre class="methodSignature">protected&nbsp;java.lang.Object&nbsp;afterInvocation&#8203;(<a href="InterceptorStatusToken.html" title="class in org.springframework.security.access.intercept">InterceptorStatusToken</a>&nbsp;token,
                                           java.lang.Object&nbsp;returnedObject)</pre>
<div class="block">Completes the work of the <tt>AbstractSecurityInterceptor</tt> after the secure
object invocation has been completed.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>token</code> - as returned by the <a href="AbstractSecurityInterceptor.html#beforeInvocation(java.lang.Object)"><code>beforeInvocation(Object)</code></a> method</dd>
<dd><code>returnedObject</code> - any object returned from the secure object invocation (may be
<tt>null</tt>)</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the object the secure object invocation should ultimately return to its
caller (may be <tt>null</tt>)</dd>
</dl>
</li>
</ul>
<a id="getAccessDecisionManager()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getAccessDecisionManager</h4>
<pre class="methodSignature">public&nbsp;<a href="../AccessDecisionManager.html" title="interface in org.springframework.security.access">AccessDecisionManager</a>&nbsp;getAccessDecisionManager()</pre>
</li>
</ul>
<a id="getAfterInvocationManager()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getAfterInvocationManager</h4>
<pre class="methodSignature">public&nbsp;<a href="AfterInvocationManager.html" title="interface in org.springframework.security.access.intercept">AfterInvocationManager</a>&nbsp;getAfterInvocationManager()</pre>
</li>
</ul>
<a id="getAuthenticationManager()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getAuthenticationManager</h4>
<pre class="methodSignature">public&nbsp;<a href="../../authentication/AuthenticationManager.html" title="interface in org.springframework.security.authentication">AuthenticationManager</a>&nbsp;getAuthenticationManager()</pre>
</li>
</ul>
<a id="getRunAsManager()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getRunAsManager</h4>
<pre class="methodSignature">public&nbsp;<a href="RunAsManager.html" title="interface in org.springframework.security.access.intercept">RunAsManager</a>&nbsp;getRunAsManager()</pre>
</li>
</ul>
<a id="getSecureObjectClass()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getSecureObjectClass</h4>
<pre class="methodSignature">public abstract&nbsp;java.lang.Class&lt;?&gt;&nbsp;getSecureObjectClass()</pre>
<div class="block">Indicates the type of secure objects the subclass will be presenting to the
abstract parent for processing. This is used to ensure collaborators wired to the
<code>AbstractSecurityInterceptor</code> all support the indicated secure object class.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the type of secure object the subclass provides services for</dd>
</dl>
</li>
</ul>
<a id="isAlwaysReauthenticate()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>isAlwaysReauthenticate</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;isAlwaysReauthenticate()</pre>
</li>
</ul>
<a id="isRejectPublicInvocations()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>isRejectPublicInvocations</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;isRejectPublicInvocations()</pre>
</li>
</ul>
<a id="isValidateConfigAttributes()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>isValidateConfigAttributes</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;isValidateConfigAttributes()</pre>
</li>
</ul>
<a id="obtainSecurityMetadataSource()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>obtainSecurityMetadataSource</h4>
<pre class="methodSignature">public abstract&nbsp;<a href="../SecurityMetadataSource.html" title="interface in org.springframework.security.access">SecurityMetadataSource</a>&nbsp;obtainSecurityMetadataSource()</pre>
</li>
</ul>
<a id="setAccessDecisionManager(org.springframework.security.access.AccessDecisionManager)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setAccessDecisionManager</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setAccessDecisionManager&#8203;(<a href="../AccessDecisionManager.html" title="interface in org.springframework.security.access">AccessDecisionManager</a>&nbsp;accessDecisionManager)</pre>
</li>
</ul>
<a id="setAfterInvocationManager(org.springframework.security.access.intercept.AfterInvocationManager)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setAfterInvocationManager</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setAfterInvocationManager&#8203;(<a href="AfterInvocationManager.html" title="interface in org.springframework.security.access.intercept">AfterInvocationManager</a>&nbsp;afterInvocationManager)</pre>
</li>
</ul>
<a id="setAlwaysReauthenticate(boolean)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setAlwaysReauthenticate</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setAlwaysReauthenticate&#8203;(boolean&nbsp;alwaysReauthenticate)</pre>
<div class="block">Indicates whether the <code>AbstractSecurityInterceptor</code> should ignore the
<a href="../../core/Authentication.html#isAuthenticated()"><code>Authentication.isAuthenticated()</code></a> property. Defaults to <code>false</code>,
meaning by default the <code>Authentication.isAuthenticated()</code> property is
trusted and re-authentication will not occur if the principal has already been
authenticated.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>alwaysReauthenticate</code> - <code>true</code> to force
<code>AbstractSecurityInterceptor</code> to disregard the value of
<code>Authentication.isAuthenticated()</code> and always re-authenticate the
request (defaults to <code>false</code>).</dd>
</dl>
</li>
</ul>
<a id="setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setApplicationEventPublisher</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setApplicationEventPublisher&#8203;(org.springframework.context.ApplicationEventPublisher&nbsp;applicationEventPublisher)</pre>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code>setApplicationEventPublisher</code>&nbsp;in interface&nbsp;<code>org.springframework.context.ApplicationEventPublisherAware</code></dd>
</dl>
</li>
</ul>
<a id="setAuthenticationManager(org.springframework.security.authentication.AuthenticationManager)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setAuthenticationManager</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setAuthenticationManager&#8203;(<a href="../../authentication/AuthenticationManager.html" title="interface in org.springframework.security.authentication">AuthenticationManager</a>&nbsp;newManager)</pre>
</li>
</ul>
<a id="setMessageSource(org.springframework.context.MessageSource)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setMessageSource</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setMessageSource&#8203;(org.springframework.context.MessageSource&nbsp;messageSource)</pre>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code>setMessageSource</code>&nbsp;in interface&nbsp;<code>org.springframework.context.MessageSourceAware</code></dd>
</dl>
</li>
</ul>
<a id="setPublishAuthorizationSuccess(boolean)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setPublishAuthorizationSuccess</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setPublishAuthorizationSuccess&#8203;(boolean&nbsp;publishAuthorizationSuccess)</pre>
<div class="block">Only <code>AuthorizationFailureEvent</code> will be published. If you set this property
to <code>true</code>, <code>AuthorizedEvent</code>s will also be published.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>publishAuthorizationSuccess</code> - default value is <code>false</code></dd>
</dl>
</li>
</ul>
<a id="setRejectPublicInvocations(boolean)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setRejectPublicInvocations</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setRejectPublicInvocations&#8203;(boolean&nbsp;rejectPublicInvocations)</pre>
<div class="block">By rejecting public invocations (and setting this property to <tt>true</tt>),
essentially you are ensuring that every secure object invocation advised by
<code>AbstractSecurityInterceptor</code> has a configuration attribute defined.
This is useful to ensure a "fail safe" mode where undeclared secure objects will be
rejected and configuration omissions detected early. An
<tt>IllegalArgumentException</tt> will be thrown by the
<tt>AbstractSecurityInterceptor</tt> if you set this property to <tt>true</tt> and
an attempt is made to invoke a secure object that has no configuration attributes.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>rejectPublicInvocations</code> - set to <code>true</code> to reject invocations of
secure objects that have no configuration attributes (by default it is
<code>false</code> which treats undeclared secure objects as "public" or
unauthorized).</dd>
</dl>
</li>
</ul>
<a id="setRunAsManager(org.springframework.security.access.intercept.RunAsManager)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setRunAsManager</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setRunAsManager&#8203;(<a href="RunAsManager.html" title="interface in org.springframework.security.access.intercept">RunAsManager</a>&nbsp;runAsManager)</pre>
</li>
</ul>
<a id="setValidateConfigAttributes(boolean)">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>setValidateConfigAttributes</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setValidateConfigAttributes&#8203;(boolean&nbsp;validateConfigAttributes)</pre>
</li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
</div>
</main>

<footer role="contentinfo">
<nav role="navigation">

<div class="bottomNav"><a id="navbar.bottom">

</a>
<div class="skipNav"><a href="AbstractSecurityInterceptor.html#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.bottom.firstrow">

</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
  allClassesLink = document.getElementById("allclasses_navbar_bottom");
  if(window==top) {
    allClassesLink.style.display = "block";
  }
  else {
    allClassesLink.style.display = "none";
  }
  //-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li><a href="AbstractSecurityInterceptor.html#field.summary">Field</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractSecurityInterceptor.html#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractSecurityInterceptor.html#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li><a href="AbstractSecurityInterceptor.html#field.detail">Field</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractSecurityInterceptor.html#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractSecurityInterceptor.html#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.bottom">

</a></div>

</nav>
</footer>
<script>if (window.parent == window) {(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)})(window,document,'script','//www.google-analytics.com/analytics.js','ga');ga('create', 'UA-2728886-23', 'auto', {'siteSpeedSampleRate': 100});ga('send', 'pageview');}</script><script defer src="https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194" integrity="sha512-Gi7xpJR8tSkrpF7aordPZQlW2DLtzUlZcumS8dMQjwDHEnw9I7ZLyiOj/6tZStRBGtGgN6ceN6cMH8z7etPGlw==" data-cf-beacon='{"rayId":"7040d067cab2980c","token":"bffcb8a918ae4755926f76178bfbd26b","version":"2021.12.0","si":100}' crossorigin="anonymous"></script>
</body>
</html>
